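/**
 * Adds one to a counter on the stats row of an object, creating the row when
 * no row exists yet for that object name and id.
 *
 * @param string $objectName Value matched against stats.objectname.
 * @param mixed  $objectId   Value matched against stats.objectid.
 * @param string $type       Name of the Stats property to increment.
 */
function updateStats($objectName, $objectId, $type)
{
    $db = new DatabaseConnection();
    $stats = new Stats();
    // Both lookup values end up inside quoted SQL literals. They were interpolated
    // raw before, so a quote in either one could change the statement; they are
    // now escaped first.
    // NOTE(review): assumes DatabaseConnection::Escape() performs SQL string
    // escaping for the active connection — confirm.
    $safeName = $db->Escape($objectName);
    $safeId = $db->Escape($objectId);
    $query = "SELECT statsid FROM stats WHERE objectname='{$safeName}' AND objectid='{$safeId}'";
    $results = $db->Query($query);
    if ($db->Rows() > 0) {
        // existing row: load it by its primary key
        $data = mysql_fetch_row($results);
        $stats = $stats->Get((int) $data[0]);
    } else {
        // new record: the unescaped values are handed to the Stats object
        $stats->objectname = $objectName;
        $stats->objectid = $objectId;
    }
    // NOTE(review): $type picks the property that is written, so callers should
    // pass a fixed name from code and never a value taken from the request.
    $stats->{$type} = $stats->{$type} + 1;
    $stats->Save();
}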
Ejemplo n.º 2
 /**
  * Deletes the object from the database
  * @return boolean
  */
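 function Delete()
 {
     // The key is forced to an integer before it is concatenated into the
     // statement, so a non-numeric value held in the property cannot alter the SQL.
     // NOTE(review): assumes userid is an integer key — confirm.
     $Database = new DatabaseConnection();
     $this->pog_query = "delete from `user` where `userid`='" . intval($this->userId) . "'";
     // The statement text stays on the object in pog_query; the Query() result is returned.
     return $Database->Query($this->pog_query);
 }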
Ejemplo n.º 3
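/**
 * Prints the "Job Admin" panel for a user: a table with one row per job the
 * user owns, showing its fields, its status and the action links that apply.
 * Nothing is printed when the user has no jobs and isSuperUser(false) is false.
 *
 * @param object $user Object whose onlineuserId selects the jobs to list.
 * @return void Output is written with echo.
 */
function generateJobLink($user)
{
    global $truncateText;
    $db = new DatabaseConnection();
    // The id is placed in the statement unquoted, so it is forced to an integer first.
    $ownerId = (int) $user->onlineuserId;
    $result = $db->Query("SELECT * FROM job where onlineuser_onlineuserid={$ownerId} ORDER BY dt_created DESC");
    $rows = $db->Rows();
    $alt = false;
    $rowclass = "";
    if ($rows > 0 || isSuperUser(false)) {
        echo "<br/>";
        echo "<span class='adminrowheader'>Job Admin</span>";
        echo "  - <a href='job_post.php' class='newslarge'>create new</a>";
        echo "<div class=\"spacer\"></div>";
        echo "<table class=\"table\">";
        if ($rows == 0) {
            if (isSuperUser(false)) {
                echo "<tr><td>";
                echo "currently have no entries";
                echo "</td></tr>";
            }
        } else {
            echo "<TR><TD>Position</td><TD>Description</td><TD>Salary</td><TD>Location</td><TD>Company</td><TD>Created</td><TD>Expires</td><TD>Status</td><TD><!-- Functions --></td></tr>";
            for ($i = 0; $i < $rows; $i++) {
                $row = mysql_fetch_assoc($result);
                $rowclass = $alt ? "row_even" : "row_odd";
                $alt = !$alt;
                // The text columns are stored, user-supplied strings, so they are
                // HTML-encoded before being written into the page. ISO-8859-1 mode
                // rewrites only & < > " ' and passes every other byte through.
                $position = htmlspecialchars($row["position"], ENT_QUOTES, "ISO-8859-1");
                $profile = htmlspecialchars(substr($row["profile"], 0, $truncateText), ENT_QUOTES, "ISO-8859-1");
                $bonus = htmlspecialchars($row["bonus"], ENT_QUOTES, "ISO-8859-1");
                $location = htmlspecialchars($row["location"], ENT_QUOTES, "ISO-8859-1");
                $company = htmlspecialchars($row["company"], ENT_QUOTES, "ISO-8859-1");
                echo "<tr>";
                echo "<td class=\"{$rowclass}\">" . $position . "</td>";
                echo "<td class=\"{$rowclass}\">" . $profile . "...</td>";
                echo "<td class=\"{$rowclass}\">" . $bonus . "</td>";
                echo "<td class=\"{$rowclass}\">" . $location . "</td>";
                echo "<td class=\"{$rowclass}\">" . $company . "</td>";
                echo "<td class=\"{$rowclass}\">" . FormatDateTime($row["dt_created"], 7) . "</td>";
                echo "<td class=\"{$rowclass}\">" . FormatDateTime($row["dt_expire"], 7) . "</td>";
                // The id is written into URLs and an inline script call, so keep it numeric.
                $jobid = (int) $row["jobid"];
                if ($row["job_status"] != "temp" && $row["dt_expire"] <= date("Y-m-d")) {
                    // Any non-temporary job whose expiry date has been reached is shown as expired.
                    echo "<td class=\"{$rowclass}\">Expired</td><td class=\"{$rowclass}\"><ul>";
                    echo "<li><a href=\"renew.php?type=Job&id=" . $jobid . "\">Renew</a></li>";
                } else {
                    switch ($row["job_status"]) {
                        case "temp":
                            echo "<td class=\"{$rowclass}\">Temporary</td><td class=\"{$rowclass}\"><ul>";
                            echo "<li><a href='activate.php?type=Job&id={$jobid}'>Activate</a></li>";
                            break;
                        case "active":
                            echo "<td class=\"{$rowclass}\">Active</td><td class=\"{$rowclass}\"><ul>";
                            if (isSuperUser(false)) {
                                echo "<li><a href='deactivate.php?type=Job&id={$jobid}'>Pause</a></li>";
                            }
                            break;
                        case "disabled":
                            echo "<td class=\"{$rowclass}\">Paused</td><td class=\"{$rowclass}\"><ul>";
                            if (isSuperUser(false)) {
                                echo "<li><a href='activate.php?type=Job&id={$jobid}'>Continue</a></li>";
                            }
                            break;
                    }
                }
                echo "<li><a href='jobedit.php?jobid={$jobid}'>Modify</a></li>";
                // NOTE(review): hiding a link is presentation only; the target pages
                // have to enforce ownership and super-user checks themselves.
                if (isSuperUser(false)) {
                    echo "<li><a href='#' onClick=\"sure('Job','{$jobid}')\">Delete</a></li>";
                }
                echo "</ul>";
                echo "</td>";
                echo "</tr>";
            }
        }
        echo "</table>";
        echo "<br/>";
        echo "<br/>";
    }
}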
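 function hasSpotlight()
 {
     // Looks up the spotlight row linked to this gold membership and returns its
     // spotlightid, or false when there is none.
     $db = new DatabaseConnection();
     // The membership id is forced to an integer before it is concatenated into
     // the statement.
     // NOTE(review): assumes gold_membershipId is an integer key — confirm.
     $membershipId = intval($this->gold_membershipId);
     $result = $db->Query("SELECT spotlightid FROM spotlight WHERE membershipid='" . $membershipId . "' AND spotlight_type='gold_membership'");
     if ($db->Rows() > 0) {
         $id = mysql_fetch_row($result);
         return $id[0];
     }
     return false;
 }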
Ejemplo n.º 5
require "common_super.php";
require "top.php";
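// Deletes one item whose type and id are named in the query string.
// NOTE(review): the deletion runs on a plain GET request and no anti-CSRF token
// is checked in this fragment; access control is presumably done by
// common_super.php — confirm both.
$class = isset($_GET["type"]) && is_string($_GET["type"]) ? stripslashes($_GET["type"]) : "";
$id = isset($_GET["id"]) ? (int) $_GET["id"] : 0;
// These types are managed from the admin account page; the rest from the user account page.
if ($class == "news" || $class == "restaurant" || $class == "franchise") {
    $adminUrl = "admin_account.php";
} else {
    $adminUrl = "account.php";
}
if ($class == "Job") {
    $db = new DatabaseConnection();
    $db->Query("delete from job where jobid={$id}");
} else {
    if ($class == "CV") {
        $db = new DatabaseConnection();
        $db->Query("delete from cv where cvid={$id}");
    } else {
        // The class name comes from the request. It was instantiated unchecked
        // before; it now has to be a plain identifier naming a loaded class that
        // offers both Get() and Delete().
        // NOTE(review): an explicit list of the deletable types would be stricter.
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $class) || !class_exists($class) || !method_exists($class, "Get") || !method_exists($class, "Delete")) {
            exit;
        }
        $object = new $class();
        $object = $object->Get($id);
        $object->Delete();
    }
}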
?>
<table width="459" border="0" cellspacing="0" cellpadding="0" >
 <tr>
  <td><img src="images/spacer.gif" alt="spacer" width="1" height="5" border="0" /></td>
 </tr>
 <tr>
  <td><div class="roundcont">
   <div class="roundtop"> <img class="corner" src="images/bl_01.gif" alt="edge" style=" display: none;" /></div>
   <h1>Delete Item</h1>
Ejemplo n.º 6
 /**
  * Deletes the object from the database
  * @return boolean
  */
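 function Delete($deep = false)
 {
     // With $deep set, every user returned by GetUserList() is deleted first,
     // passing the same flag down.
     if ($deep) {
         $userList = $this->GetUserList();
         foreach ($userList as $user) {
             $user->Delete($deep);
         }
     }
     $Database = new DatabaseConnection();
     // The key is forced to an integer before it is concatenated into the
     // statement, so a non-numeric value held in the property cannot alter the SQL.
     // NOTE(review): assumes groupid is an integer key — confirm.
     $this->pog_query = "delete from `group` where `groupid`='" . intval($this->groupId) . "'";
     return $Database->Query($this->pog_query);
 }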
Ejemplo n.º 7
         } else {
             if ($instance->pog_attribute_type[strtolower($attribute)][0] != "OBJECT") {
                 $instance->{$attribute} = "1";
             }
         }
     }
 }
 // Save() check: reset the id property derived from the class name, then save.
 $instance->{strtolower($className) . "Id"} = 0;
 $instanceId = $instance->Save(false);
 if ($instanceId) {
     $diagnostics .= "Testing Save()....OK\n";
 } else {
     // The first save failed, which is taken to mean the table is missing:
     // run the statement held in $sql and try the save once more.
     $database = new DatabaseConnection();
     $database->Query($sql);
     $instanceId = $instance->Save(false);
     if ($instanceId) {
         $diagnostics .= "Created Table {$className} successfully\n";
         $diagnostics .= "Testing Save()....OK\n";
     } else {
         // Still failing: record the last statement the object tried to run.
         $diagnostics .= "Could not create table.";
         $diagnostics .= "ERROR: Save() could not be performed\n";
         $diagnostics .= $instance->pog_query . "\n";
         $errors++;
     }
 }
 //Test SaveNew()
 if (!$instance->SaveNew(false)) {
Ejemplo n.º 8
<?php

require "common_super.php";
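// Delete-user page: a posted confirmation removes the user and the rows that
// belong to them; otherwise the rows are counted per table.
// NOTE(review): the destructive branch checks no anti-CSRF token in this
// fragment; access control is presumably done by common_super.php — confirm both.
// Missing request keys used to raise undefined-index notices; they now fall back to 0 / false.
$id = isset($_GET["id"]) ? (int) $_GET["id"] : 0;
$db = new DatabaseConnection();
$user = new OnlineUser();
if (!empty($_POST["submitting"])) {
    $id = isset($_POST["id"]) ? (int) $_POST["id"] : 0;
    $user = $user->Get($id);
    // Table names come from this fixed list and $id is an integer, so nothing
    // from the request reaches the statement as text.
    $tables = array("cv", "franchise", "gold_membership", "job", "platinum_membership", "restaurant", "supplier");
    foreach ($tables as $tableName) {
        $db->Query("DELETE FROM {$tableName} WHERE onlineuser_onlineuserid='{$id}'");
    }
    $user->Delete();
    // The session's current user is replaced by the stored super-user entry.
    $_SESSION["onlineuser"] = $_SESSION["superuser"];
    header("Location: delete_user_success.php");
    exit;
}
// Each count is read with Rows() straight after its query.
$db->Query("SELECT dt_created FROM cv WHERE onlineuser_onlineuserid='{$id}'");
$cvCount = $db->Rows();
$db->Query("SELECT dt_created FROM franchise WHERE onlineuser_onlineuserid='{$id}'");
$franchiseCount = $db->Rows();
$db->Query("SELECT dt_created FROM gold_membership WHERE onlineuser_onlineuserid='{$id}'");
$goldCount = $db->Rows();
$db->Query("SELECT dt_created FROM job WHERE onlineuser_onlineuserid='{$id}'");
$jobCount = $db->Rows();
$db->Query("SELECT dt_created FROM platinum_membership WHERE onlineuser_onlineuserid='{$id}'");
$platinumCount = $db->Rows();
$db->Query("SELECT dt_created FROM restaurant WHERE onlineuser_onlineuserid='{$id}'");
$restaurantCount = $db->Rows();
$db->Query("SELECT dt_created FROM supplier WHERE onlineuser_onlineuserid='{$id}'");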
Ejemplo n.º 9
// User search: every non-empty field adds one LIKE condition, the conditions are
// joined with AND, and the matching rows are copied into $resultArray.
if ($firstname != "" || $lastname != "" || $email != "") {
    $where = "";
    if ($firstname != "") {
        $where = "first_name like '%" . $db->Escape($firstname) . "%'";
    }
    if ($lastname != "") {
        $where .= ($where != "" ? " AND " : "") . "last_name like '%" . $db->Escape($lastname) . "%'";
    }
    if ($email != "") {
        $where .= ($where != "" ? " AND " : "") . "email like '%" . $db->Escape($email) . "%'";
    }
    // The row with onlineuserId 1 is always left out of the results.
    $result = $db->Query("SELECT onlineuserId, first_name, last_name, email FROM onlineuser WHERE {$where} AND onlineuserId!='1'");
    $rows = $db->Rows();
    if ($rows > 0) {
        $matches = true;
        $i = 0;
        while ($i < $rows) {
            $resultArray[$i] = mysql_fetch_row($result);
            $i++;
        }
    }
}
require "top_wide.php";
?>
<style type="text/css" media="screen">
<!--
a { color: #0083cc; font-size: 10px; font-family: Verdana, Arial, Helvetica, SunSans-Regular; text-decoration: none }
a:hover { color: #0083cc; font-size: 10px; font-family: Verdana, Arial, Helvetica, SunSans-Regular; text-decoration: underline }
#wrapper table { width:740px;}
#wrapper td {padding:5px;}
<?php

require "common_all.php";
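// Account activation: checks the emailed code for the given address and marks
// the account active when it matches.
// NOTE(review): the code is the account's creation time as a Unix timestamp,
// which can be guessed; a random token stored with the account would be safer.
$errorText = "";
if (isset($_GET["code"])) {
    // Both values are read from the request before validation. The length checks
    // used $code and $email before this script assigned them (unless
    // common_all.php defines them — confirm).
    $rawCode = is_string($_GET["code"]) ? $_GET["code"] : "";
    $rawEmail = isset($_GET["email"]) && is_string($_GET["email"]) ? $_GET["email"] : "";
    if (strlen($rawCode) > 20) {
        $errorText .= "<LI>Please enter a valid code";
    }
    if (strlen($rawEmail) > 45) {
        $errorText .= "<LI>Please enter a valid email address";
    }
    if ($errorText == "") {
        $db = new DatabaseConnection();
        $code = $db->Escape($rawCode);
        $email = $db->Escape($rawEmail);
        $db->Query("SELECT onlineuserid FROM onlineuser WHERE email='{$email}'");
        if ($db->Rows() > 0) {
            $user = new OnlineUser();
            $user = $user->Get($db->Result(0, "onlineuserid"));
            // Strict comparison on an all-digit code. With the loose == an empty
            // code matched whenever strtotime() returned false, and strings with
            // a numeric prefix could match too.
            $expected = strtotime($user->dt_created);
            if ($expected !== false && ctype_digit($rawCode) && (int) $rawCode === $expected) {
                $user->user_status = "active";
                $user->Save();
                //$_SESSION["onlineuser"]=$user;
                header("Location: register_activated.php");
                // Stop here so the rest of the page is not run after the redirect.
                exit;
            }
        }
        // One message for both failures, so the reply does not reveal whether the address exists.
        $errorText = "<LI>Either the email address or code you entered is incorrect";
    } else {
        $errorText = "<ul>{$errorText}</ul>";
    }
}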
Ejemplo n.º 11
<?php

require "common_user.php";
require "top.php";
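// The requested type is used further down as a class name and as a property-name
// prefix, so anything that is not a plain identifier is refused here.
// NOTE(review): an explicit list of the renewable types would be stricter — confirm the set.
$class = isset($_GET["type"]) && is_string($_GET["type"]) ? stripslashes($_GET["type"]) : "";
if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $class)) {
    exit;
}
$id = isset($_GET["id"]) ? (int) $_GET["id"] : 0;
$newExpiryDate = expiryDate();
if ($class == "gold_membership" || $class == "platinum_membership") {
    // Memberships take their new expiry from expiryYear() instead of expiryDate().
    $newExpiryDate = expiryYear();
}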
if ($class == "Job") {
    $db = new DatabaseConnection();
    $db->Query("update job set job_status = 'active', dt_expire='{$newExpiryDate}' where onlineuser_onlineuserid={$user->onlineuserId} and jobid={$id}");
} else {
    $object = new $class();
    $object = $object->Get($id);
    if (isSuperUser(false) || $user->canAccess($object)) {
        /* no point check this, where if an object is live or not  are determined by status and expiry date
        	  $expires=strtotime($object->dt_expire);
        	  if (date("U") > $expires){
        		// at this point the advert has already expired
        		// maybe redirect to a pay now link ?
        		exit;
        	  }
        	  */
        $status = $class . "_status";
        $object->{$status} = "active";
        $object->dt_expire = $newExpiryDate;
        $object->Save();
    } else {
        // this user is not allowed to access this resource
Ejemplo n.º 12
<?php

require "common_user.php";
require "top.php";
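// Pauses one advert whose type and id are named in the query string.
// NOTE(review): the change runs on a plain GET request and no anti-CSRF token is
// checked in this fragment — confirm where that is handled.
$class = isset($_GET["type"]) && is_string($_GET["type"]) ? stripslashes($_GET["type"]) : "";
$id = isset($_GET["id"]) ? (int) $_GET["id"] : 0;
if ($class == "Job") {
    $db = new DatabaseConnection();
    // Both ids are unquoted in the statement, so both are forced to integers.
    // The owner id in the WHERE clause limits the update to the user's own jobs.
    $ownerId = (int) $user->onlineuserId;
    $db->Query("update job set job_status = 'disabled' where onlineuser_onlineuserid={$ownerId} and jobid={$id}");
} else {
    // The class name comes from the request. It was instantiated unchecked
    // before; it now has to be a plain identifier naming a loaded class that
    // offers both Get() and Save().
    // NOTE(review): an explicit list of the pausable types would be stricter.
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $class) || !class_exists($class) || !method_exists($class, "Get") || !method_exists($class, "Save")) {
        exit;
    }
    $object = new $class();
    $object = $object->Get($id);
    if (isSuperUser(false) || $user->canAccess($object)) {
        $status = $class . "_status";
        $object->{$status} = "disabled";
        $object->Save();
    } else {
        // this user is not allowed to access this resource
        exit;
    }
}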
?>
<table width="459" border="0" cellspacing="0" cellpadding="0" >
 <tr>
  <td><img src="images/spacer.gif" alt="spacer" width="1" height="5" border="0" /></td>
 </tr>
 <tr>
  <td><div class="roundcont">
   <div class="roundtop"> <img class="corner" src="images/bl_01.gif" alt="edge" style=" display: none;" /></div>
   <h1>Deactivate Advert</h1>
   <div class="roundbottom"> <img src="images/bl_06.gif" alt="edge" class="corner" style=" display: none;" /></div>
Ejemplo n.º 13
 /**
  * Deletes the object from the database
  * @return boolean
  */
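 function Delete()
 {
     // The key is forced to an integer before it is concatenated into the
     // statement, so a non-numeric value held in the property cannot alter the SQL.
     // NOTE(review): assumes statsid is an integer key — confirm.
     $Database = new DatabaseConnection();
     $this->pog_query = "delete from `stats` where `statsid`='" . intval($this->statsId) . "'";
     // The statement text stays on the object in pog_query; the Query() result is returned.
     return $Database->Query($this->pog_query);
 }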
Ejemplo n.º 14
        echo "<a href=\"platinum.php?id=" . $platinumImages[$imagePos][0] . "\">";
        echo "<img src=\"logos/" . $platinumImages[$imagePos][1] . "\" width='153' height='104' border='0' class='platinumImages'></a>";
        $imagePos++;
    } else {
        echo "<a href=\"advertise.php\">";
        echo "<img src='logos/your_company_here.gif' width='153' height='104' border='0' class='platinumImages'></a>";
    }
}
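// NOTE(review): the redirect target is stored exactly as received. The code that
// later reads $_SESSION["redir"] is not shown here and must accept only local
// paths, or this becomes an open redirect.
if (isset($_GET["redir"])) {
    $_SESSION["redir"] = $_GET["redir"];
    header("Location: index.php");
    exit;
}
// Start from an empty list. array(6) was a one-element array holding the number 6,
// not six free slots, so with no active memberships the impressions loop below
// ran once with a meaningless id.
$platinumImages = array();
$db = new DatabaseConnection();
// Up to six active, unexpired platinum memberships in random order.
$result = $db->Query("SELECT platinum_membershipId,logo\n                      FROM platinum_membership\n                      WHERE platinum_membership_status='active'\n                            AND dt_expire>'" . date("Y-m-d") . "'\n                      ORDER BY RAND() LIMIT 6");
$rows = $db->Rows();
for ($i = 0; $i < $rows; $i++) {
    $qr = mysql_fetch_row($result);
    $platinumImages[$i] = $qr;
}
$imagePos = 0;
// Count one impression for every membership that was selected.
for ($i = 0; $i < count($platinumImages); $i++) {
    updateImpressions("platinum_membership", $platinumImages[$i][0]);
}
$loginEmail = showLoggedInAs();
//default
$button1 = "homebuttonIff_04";
$button2 = "homebuttonIff_05";
$button3 = "homebuttonIff_06";
$button4 = "homebuttonIff_07";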
<?php

require "common_all.php";
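// Password reset: on a posted "reset", stores a newly generated password for the
// account with the posted email address and mails it to that address.
// NOTE(review): the password is replaced before the requester has shown control
// of the mailbox, and the new password is sent in plain text. A single-use reset
// link that lets the owner choose the password would avoid both.
// NOTE(review): PASSWORD() is MySQL's internal account-hashing function, not a
// password hash meant for application users — plan a migration.
if (isset($_POST["reset"])) {
    $db = new DatabaseConnection();
    $email = $db->Escape(isset($_POST["email"]) ? $_POST["email"] : "");
    // Use random_int() where the runtime has it: mt_rand() is not a cryptographic
    // generator and its output can be predicted.
    $pick = function_exists("random_int") ? "random_int" : "mt_rand";
    $password = "";
    for ($i = 1; $i <= 6; $i++) {
        // one lower-case and one upper-case letter per round, twelve characters in all
        $password .= chr($pick(97, 122)) . chr($pick(65, 90));
    }
    $db->Query("UPDATE onlineuser SET pass_word=PASSWORD('{$password}') WHERE email='{$email}'");
    $db->Query("SELECT first_name, last_name FROM onlineuser WHERE email='{$email}'");
    if ($db->Rows() > 0) {
        // The names are stored user input and the mail body is HTML, so they are encoded.
        $fname = htmlspecialchars($db->Result(0, "first_name"), ENT_QUOTES, "ISO-8859-1");
        $lname = htmlspecialchars($db->Result(0, "last_name"), ENT_QUOTES, "ISO-8859-1");
        $headers = "From: noreply@fastfoodjobsuk.co.uk\r\n";
        $headers .= "X-Mailer: CJS_MailSystem\r\n";
        $headers .= "MIME-Version: 1.0\r\n";
        $headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
        $message = "<HTML><pre>";
        $message .= "Dear {$fname} {$lname}\n\n";
        $message .= "You password is: {$password} and if you need any further help please e-mail\n";
        $message .= "support@fastfoodjobsuk.co.uk\n\n";
        $message .= "Regards,\n\n";
        $message .= "The Fast Food Jobs Support Team.";
        $message .= "</pre></html>";
        mail($email, "Fastfoodjobsuk Password Reset", $message, $headers);
    }
    // Same redirect whether or not the address exists, so the reply does not reveal it.
    header("Location: forgotten_password_success.php");
    exit;
}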
Ejemplo n.º 16
        }
        if (($result = validate($user->address_2, "", 255)) !== true) {
            $errorText .= "<LI>The second line of your address is {$result}";
        }
        if (($result = validate($user->postcode, "", 20)) !== true) {
            $errorText .= "<LI>Your post code is {$result}";
        }
        if (($result = validate($user->tel, "phonenumber", 45)) !== true) {
            $errorText .= "<LI>Your telephone number is {$result}";
        }
        if ($user->fax != "" && ($result = validate($user->fax, "phonenumber", 45)) !== true) {
            $errorText .= "<LI>Your fax number is {$result}";
        }
    }
    if ($errorText == "") {
        $query = $db->Query("SELECT * FROM onlineuser WHERE email='" . $db->Escape($user->email) . "' AND onlineuserid!='" . $user->onlineuserId . "' LIMIT 1");
        if ($db->Rows() > 0) {
            $errorText .= "<LI>The email address you have entered is taken";
        } else {
            $_SESSION["onlineuser"] = $user;
            $user->Save();
            header("Location: {$adminUrl}");
            exit;
        }
    }
    $errorText = "<ul>" . $errorText . "</ul>";
}
require "top.php";
?>

<form action="user_profile.php" method="POST">
Ejemplo n.º 17
<?php

require "common_all.php";
// Load the requested spotlight; when that yields no record (spotlightId of 0),
// fall back to the most recently created one, or go home when there is none.
$id = (int) $_GET["id"];
$member = new Spotlight();
$member = $member->Get($id);
if ($member->spotlightId == 0) {
    $db = new DatabaseConnection();
    $result = $db->Query("SELECT spotlightid FROM spotlight ORDER BY dt_created DESC LIMIT 1");
    if ($db->Rows() != 1) {
        // no spotlight rows at all
        header("Location: index.php");
        exit;
    }
    $qr = mysql_fetch_row($result);
    $member = $member->Get($qr[0]);
}
require "top_wide.php";
?>
<link rel=stylesheet href="css/platinum.css" type="text/css">
  <img src="logos/<?php 
echo $member->logo;
?>
" width="<?php 
echo $platinumImageWidth;
?>
" height="<?php 
echo $platinumImageHeight;
?>
" class="topimageleft">
Ejemplo n.º 18
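 function getCVId()
 {
     // Returns the cvid of the first cv row that belongs to this user.
     $db = new DatabaseConnection();
     // The owner id is forced to an integer before it is concatenated into the
     // statement.
     // NOTE(review): assumes onlineuserId is an integer key — confirm.
     $ownerId = intval($this->onlineuserId);
     // The value is read back through Result(), so the Query() return is not kept.
     $db->Query("select cvid from `cv` where onlineuser_onlineuserid='" . $ownerId . "'");
     return $db->Result(0, "cvid");
 }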
Ejemplo n.º 19
     }
     if (($result = validate($telephone, "phonenumber", 45)) !== true) {
         $errorText .= "<LI>Your telephone number is {$result}";
     }
     if ($fax != "" && ($result = validate($fax, "phonenumber", 45)) !== true) {
         $errorText .= "<LI>Your fax number is {$result}";
     }
 }
 if (($result = validate($password, "password", 45, 6)) !== true) {
     $errorText .= "<LI>Your password is {$result}";
 }
 if ($_POST["readTerms"] != "on") {
     $errorText .= "<LI>Please read the terms and then tick the box to proceed";
 }
 if ($errorText == "") {
     $query = $db->Query("SELECT * FROM onlineuser WHERE email='" . $db->Escape($email) . "' LIMIT 1");
     if ($db->Rows() > 0) {
         $errorText .= "<LI>The email address you have entered is taken";
     } else {
         $user = new OnlineUser($email, $first_name, $last_name, $password, $address1, $address2, $address3, $postcode, $telephone, $fax, '', 'temp');
         if (isSuperUser(false) && $status != "") {
             $user->user_status = $status;
         }
         $userId = $user->Save();
         $user = $user->Get($userId);
         $created = strtotime($user->dt_created);
         $mail = new Emailer();
         $mail->setTo($email);
         $mail->setFrom($configuration["fromEmail"]);
         $mail->setSubject("Fastfoodjobsuk Registration");
         $url = "http://www.fastfoodjobsuk.co.uk/register_activate.php?email={$email}&code={$created}";
Ejemplo n.º 20
<?php

require "common_all.php";
if (isset($_POST["email"])) {
    $db = new DatabaseConnection();
    $results = $db->Query("SELECT * FROM onlineuser WHERE email='" . $db->Escape($_POST["email"]) . "' AND pass_word=PASSWORD('" . $db->Escape($_POST["password"]) . "')");
    if ($db->Rows() != null) {
        $user = new OnlineUser();
        $user = $user->populate($db);
        // are they active?
        $status = $user->user_status;
        switch ($status) {
            case "temp":
                header("Location: register_activate.php");
                exit;
                break;
            case "disabled":
                header("Location: logout.php");
                exit;
                break;
        }
        $_SESSION["onlineuser"] = $user;
        //proceed to loged in page
        if (isSuperUser(false)) {
            header("Location: admin_account.php");
            exit;
        } else {
            if (isset($_SESSION["redirect"]) || isset($_POST["redirect"])) {
                $url = isset($_SESSION["redirect"]) ? $_SESSION["redirect"] : $_POST["redirect"];
                unset($_SESSION["redirect"]);
                header("Location: {$url}");
Ejemplo n.º 21
 /**
  * Deletes a list of objects that match given conditions
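  * @param array $fcv_array list of conditions, each array("field", "comparator", "value"); a one-element entry is appended to the query as-is
  * @return mixed the result of DatabaseConnection::Query(), or nothing when $fcv_array is empty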
  */
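 function DeleteList($fcv_array)
 {
     // With no conditions nothing is run and nothing is returned.
     if (sizeof($fcv_array) > 0) {
         $Database = new DatabaseConnection();
         $pog_query = "delete from `news` where ";
         for ($i = 0, $c = sizeof($fcv_array); $i < $c; $i++) {
             if (sizeof($fcv_array[$i]) == 1) {
                 // A one-element entry is appended to the statement verbatim.
                 // NOTE(review): it must come from code, never from request data.
                 $pog_query .= " " . $fcv_array[$i][0] . " ";
                 continue;
             }
             // Conditions are joined with AND unless the previous entry was a one-element fragment.
             if ($i > 0 && sizeof($fcv_array[$i - 1]) !== 1) {
                 $pog_query .= " AND ";
             }
             // The value is escaped for every field. Before, NUMERIC and SET fields
             // and fields missing from pog_attribute_type had their value
             // concatenated raw, so a quote in it could change the statement.
             // NOTE(review): the field name and comparator are still concatenated
             // as given; callers must supply them from code.
             $pog_query .= "`" . $fcv_array[$i][0] . "` " . $fcv_array[$i][1] . " '" . $Database->Escape($fcv_array[$i][2]) . "'";
         }
         return $Database->Query($pog_query);
     }
 }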
Ejemplo n.º 22
    $emailMessage .= "{$job_contact_email}\n\n";
    $emailMessage .= "None of your contact details have been revealed\n";
    $emailMessage .= "and it is totally up to you if you wish to make\n";
    $emailMessage .= "contact with the interested employer.\n\n";
    $emailMessage .= "Regards,\n\n";
    $emailMessage .= "The Fast Food Jobs Team\n\n";
    $emailMessage .= "Tel: 0845 644 8252\n";
    $emailMessage .= "*****@*****.**";
    return $emailMessage;
}
// Take the CV id from the query string, falling back to the posted value, then
// load the contact details of that CV.
$cvid = (int) $_GET["cvid"];
if ($cvid == "") {
    $cvid = (int) $_POST["cvid"];
}
$db = new DatabaseConnection();
$results = $db->Query("SELECT first_name, last_name, email FROM cv WHERE cvid='{$cvid}'");
if (!($db->Rows() > 0)) {
    // exactly one row is expected here; none suggests the request data was tampered with
    exit;
}
$data = mysql_fetch_row($results);
list($cv_first_name, $cv_last_name, $cv_email) = $data;
if ((bool) $_POST["submitting"]) {
    $jobId = (int) $_POST["jobIds"];
    $queryJob = $db->Query("SELECT contact_email FROM job WHERE jobid='{$jobId}'");
    if ($db->Rows() <= 0) {
        // shouldn't really ever get here
        exit;